← Back

CVE-2025-68973

nvd nist
Published: Dec 28, 2025Modified: Jan 14, 2026

JSON object

Loading...
7.0
Vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.0 / Impact: 5.9
Source: NVD

Description

In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)

Affected (1)

Products: Gnupg: Gnupg
Gnupg
1 product
Gnupg
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Gnupg
Up to 2.4.8

Related CWEs

CWE-675
Multiple Operations on Resource in Single-Operation Context
The product performs the same operation on a resource two or more times, when the operation should only be applied once.
CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (10)

Source: cve@mitre.org
Product
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Issue Tracking
Source: cve@mitre.org
Issue Tracking
Source: cve@mitre.org
Mailing List
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListPatch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Broken Link

Timeline

No history available yet.